CN108694323B - Apparatus and method for detecting failure point - Google Patents
Apparatus and method for detecting failure point Download PDFInfo
- Publication number
- CN108694323B CN108694323B CN201810296263.XA CN201810296263A CN108694323B CN 108694323 B CN108694323 B CN 108694323B CN 201810296263 A CN201810296263 A CN 201810296263A CN 108694323 B CN108694323 B CN 108694323B
- Authority
- CN
- China
- Prior art keywords
- integrated circuit
- tuple
- sensitive
- functional block
- elements
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 238000012360 testing method Methods 0.000 claims abstract description 99
- 238000004590 computer program Methods 0.000 claims abstract description 9
- 238000013461 design Methods 0.000 claims description 33
- 230000003542 behavioural effect Effects 0.000 claims description 13
- 238000003860 storage Methods 0.000 claims description 10
- 230000004044 response Effects 0.000 claims description 8
- 238000012795 verification Methods 0.000 claims description 8
- 239000000872 buffer Substances 0.000 claims description 6
- 230000009471 action Effects 0.000 claims description 4
- 238000001514 detection method Methods 0.000 abstract description 58
- 239000013308 plastic optical fiber Substances 0.000 description 48
- 239000013309 porous organic framework Substances 0.000 description 48
- 230000006870 function Effects 0.000 description 41
- 238000004519 manufacturing process Methods 0.000 description 15
- 238000012937 correction Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 10
- 230000004913 activation Effects 0.000 description 9
- 230000004048 modification Effects 0.000 description 9
- 238000012986 modification Methods 0.000 description 9
- 230000008569 process Effects 0.000 description 8
- 238000004088 simulation Methods 0.000 description 6
- 230000015572 biosynthetic process Effects 0.000 description 5
- 238000011156 evaluation Methods 0.000 description 5
- 238000003786 synthesis reaction Methods 0.000 description 5
- 238000004364 calculation method Methods 0.000 description 4
- 238000002347 injection Methods 0.000 description 4
- 239000007924 injection Substances 0.000 description 4
- 239000000243 solution Substances 0.000 description 4
- 239000013598 vector Substances 0.000 description 4
- 230000002159 abnormal effect Effects 0.000 description 3
- 238000005266 casting Methods 0.000 description 3
- 230000009849 deactivation Effects 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000012938 design process Methods 0.000 description 2
- 239000000428 dust Substances 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000002441 reversible effect Effects 0.000 description 2
- 239000000758 substrate Substances 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- XUIMIQQOPSSXEZ-UHFFFAOYSA-N Silicon Chemical compound [Si] XUIMIQQOPSSXEZ-UHFFFAOYSA-N 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000004624 confocal microscopy Methods 0.000 description 1
- 238000005520 cutting process Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000008030 elimination Effects 0.000 description 1
- 238000003379 elimination reaction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000010884 ion-beam technique Methods 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 230000000873 masking effect Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000002184 metal Substances 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 230000035772 mutation Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000000059 patterning Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 239000000047 product Substances 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 229910052710 silicon Inorganic materials 0.000 description 1
- 239000010703 silicon Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
- 238000010998 test method Methods 0.000 description 1
- 238000003325 tomography Methods 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- 238000011144 upstream manufacturing Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F30/00—Computer-aided design [CAD]
- G06F30/30—Circuit design
- G06F30/32—Circuit design at the digital level
- G06F30/33—Design verification, e.g. functional simulation or model checking
- G06F30/3323—Design verification, e.g. functional simulation or model checking using formal methods, e.g. equivalence checking or property checking
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/3181—Functional testing
- G01R31/3183—Generation of test inputs, e.g. test vectors, patterns or sequences
- G01R31/318342—Generation of test inputs, e.g. test vectors, patterns or sequences by preliminary fault modelling, e.g. analysis, simulation
- G01R31/31835—Analysis of test coverage or failure detectability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/2851—Testing of integrated circuits [IC]
- G01R31/2884—Testing of integrated circuits [IC] using dedicated test connectors, test elements or test circuits on the IC under test
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/31718—Logistic aspects, e.g. binning, selection, sorting of devices under test, tester/handler interaction networks, Test management software, e.g. software for test statistics or test evaluation, yield analysis
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/31719—Security aspects, e.g. preventing unauthorised access during test
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/3181—Functional testing
- G01R31/3183—Generation of test inputs, e.g. test vectors, patterns or sequences
- G01R31/318314—Tools, e.g. program interfaces, test suite, test bench, simulation hardware, test compiler, test program languages
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/3181—Functional testing
- G01R31/3183—Generation of test inputs, e.g. test vectors, patterns or sequences
- G01R31/318342—Generation of test inputs, e.g. test vectors, patterns or sequences by preliminary fault modelling, e.g. analysis, simulation
- G01R31/318357—Simulation
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/3181—Functional testing
- G01R31/3185—Reconfiguring for testing, e.g. LSSD, partitioning
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/3181—Functional testing
- G01R31/3185—Reconfiguring for testing, e.g. LSSD, partitioning
- G01R31/318533—Reconfiguring for testing, e.g. LSSD, partitioning using scanning techniques, e.g. LSSD, Boundary Scan, JTAG
- G01R31/318583—Design for test
- G01R31/318588—Security aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F30/00—Computer-aided design [CAD]
- G06F30/30—Circuit design
- G06F30/32—Circuit design at the digital level
- G06F30/327—Logic synthesis; Behaviour synthesis, e.g. mapping logic, HDL to netlist, high-level language to RTL or netlist
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F30/00—Computer-aided design [CAD]
- G06F30/30—Circuit design
- G06F30/39—Circuit design at the physical level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2111/00—Details relating to CAD techniques
- G06F2111/04—Constraint-based CAD
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2111/00—Details relating to CAD techniques
- G06F2111/20—Configuration CAD, e.g. designing by assembling or positioning modules selected from libraries of predesigned modules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Abstract
An apparatus, method and computer program product are provided for detecting a point of failure in an Integrated Circuit (IC). An integrated circuit device is described by a structural description (2) comprising a plurality of elements representing cells and lines interconnecting the cells, the structural description further comprising a portion representing a set of sensitive functional blocks (16), each sensitive functional block comprising one or more inputs, at least one sensitive output and an interconnection such that the value of the sensitive output is a boolean function of the values of the inputs of the sensitive functional block. The detection device (100) comprises: -a selection unit (101) configured to iteratively select n-tuples of elements at least in a part of the netlist corresponding to the sensitive functional block, -a test unit (104) configured to test the n-tuple of each selected element, the test unit being configured to: -modifying the n-tuple of the selected element from an initial state to a test state; -determining whether the derivative of the boolean function associated with each sensitive functional block is equal to zero, the detection device (100) being configured to detect that the n-tuple represents a fault point of order n in the Integrated Circuit (IC) device if the derivative of the boolean function associated with the sensitive functional block is equal to zero.
Description
Technical Field
The present invention relates generally to electronic circuits, and in particular to an apparatus and method for detecting a point of failure in such circuits.
Background
Integrated Circuits (ICs) used in many embedded devices, such as smart cards or secure elements, may contain secret security keys and implement secret data.
Integrated circuits may be vulnerable to attack on the physical structure of the integrated circuit device (such as a chip, semiconductor device, etc.).
The integrated circuit may comprise a plurality of protection blocks for ensuring protection against attacks, such as one or more sensors intended to detect possible attacks. For example, the integrated circuit may include sensors, shields, digital sensors, etc. for detecting physical attacks (including but not limited to probing attacks or perturbation attacks). The integrated circuit may be configured to detect cyber attacks using, for example, CFI (control flow integrity) verification.
The structure of an integrated circuit typically contains certain points (called single points of failure or SPOFs) corresponding to critical elements of the integrated circuit whose failure would result in preventing the safe operation of the entire integrated circuit.
A single point of failure is a design weakness that, if present and subsequently located by an attacker, jeopardizes the security of the integrated circuit.
Integrated circuits include a number of sensitive functional blocks, such as protection blocks, that generate critical signals (e.g., alarms) when they detect abnormal operation of the integrated circuit. If the alarm is a single signal (corresponding to a single line), it represents a "single point of failure" (SPOF). In fact, an attacker can use a tool like a Focused Ion Beam (FIB) to cut off this vulnerable "line" corresponding to SPOF to eliminate the alarm and thus gain access to all secrets contained in the "edited" circuit, as well as to instances of the same product line sharing the same secrets. Furthermore, because the tools cannot easily reach the net (e.g., due to routing congestion thereon), and because the FIB is not fully reliable, circuit editing with the FIB is often difficult. Thus, protection against FIB attacks typically assumes that an attacker can only "edit" (i.e., cut, open, or tie to either a '0' or '1') a limited number of nets.
Thus, a major challenge for secure integrated circuits is the detection and elimination of a single point of failure in the circuit. SPOF represents the "weakest link" in the security chain of the integrated circuit. The fact that complex detection IP may be bypassed by single FIB cutting represents an important security vulnerability. The effect of the FIB may be to open (i.e., disconnect) the net, or even tie it to a '0' or '1'. In fact, the FIB tool can also repair the circuit, and in this regard, it can be used to force the value of any net.
It is known to diversify alarms in general by making them redundant according to the following method:
a simple copy (or multiplication) of the signal,
encoding the signal so that the alteration itself can be detected,
using a plurality of independent tests (e.g. in a shield, different areas are inspected independently).
When the multiplication of the alarm signal is done manually, it is possible that some of it may be missed. Alternatively, even if implemented correctly, it may happen that the synthesizer optimizes the diversity away. For example, the various alarm signals may be reconstructed such that a new single point of failure occurs again.
Existing approaches are based on automatic test vector generation (ATPG). These solutions are proposed to test integrated circuits to identify SPOFs using test vectors. For example, the cited us patent 6134689a describes a method of testing an integrated circuit containing logic devices, the method comprising the steps of: the method includes identifying a first test vector corresponding to a test failure due to a test of the logic device, converting the first test vector from a first input pin format to state data associated with the logic device, and searching the state data to identify a set of last shift transitions.
Other solutions are based on simulations and rely on post-production casting tests. However, even if the IC process is implemented under the cleanest and most acceptable industrial conditions and even if some dust and process variations are tolerated, physical errors on the die may still occur, for example due to lower wafer quality on the periphery, dust during masking or patterning, wafer dicing, etc. These existing post-production casting tests verify the signal continuity of the die through, for example, scan chains according to the planned tests. These plan tests are generated by means of conventional software techniques, such as mutation tests, and only meet validity criteria, such as statement coverage, branch coverage, etc. The planned testing primarily involves revealing whether the input or output of the gate stays at an undesirable level or whether the metal lines or vias have been damaged in multiple stages of manufacturing, regardless of the correlation of the test signals.
Therefore, there is a need for detecting a failure point in an IC device.
Disclosure of Invention
To address these and other problems, an apparatus is provided for detecting a point of failure in an Integrated Circuit (IC) described by a structural description of the integrated circuit comprising a plurality of elements, the elements representing cells and lines interconnecting the cells, the structural description of the integrated circuit further comprising a portion representing a set of sensitive functional blocks, each sensitive functional block comprising one or more inputs, at least one sensitive output, and a set of elements interconnected such that the value of the sensitive output is a boolean function of the values of the inputs of the sensitive functional block. The apparatus comprises:
a selection unit configured to iteratively select an n-tuple of elements at least in a portion of the structural description of the integrated circuit corresponding to the sensitive functional block,
-a test unit configured to test an n-tuple of each selected element, the test unit configured to:
-modifying the n-tuple of the selected element from an initial state to a test state;
-determining whether the derivative of the Boolean function associated with each sensitive functional block is equal to zero,
the apparatus is configured to detect that the n-tuple represents a fault point of order n in the Integrated Circuit (IC) device if a boolean function associated with the sensitive functional block is equal to zero.
In an embodiment, the test unit may be configured to modify the n-tuple of the selected element by performing at least an action in the group consisting of: removing the n-tuple of the element and maintaining the n-tuple of the element to a predefined binary value.
In an embodiment, the test unit may be configured to store information related to the n-tuple of elements if the derivative of the boolean function associated with the sensitive functional block is equal to zero.
The test unit may be configured to modify the n-tuple of the selection element from the test state back to the initial state before selecting another n-tuple of elements.
The apparatus may include a data structure for storing information related to n-tuples of elements under test, the data structure including an entry for the n-tuple for each element.
The information related to the n-tuple of each element may include a path of each n-tuple element in a structural description of the integrated circuit.
In an embodiment, the apparatus may comprise an injector configured to determine a type of each sensitive functional block comprised in the structural description of the integrated circuit, the injector configured to insert a test element into a portion of the structural description of the integrated circuit corresponding to a sensitive functional block depending on the type of the sensitive functional block, which provides a modified structural description of the integrated circuit, the injector configured to send the modified structural description to the selection unit for selection of the n-tuple element.
In an embodiment, the injector may be configured to force a state to occur that is configured to reverse the chain of buffers in the portion of the structural description corresponding to the sensitive functional block if the sensitive functional block represents a digital sensor that includes a chain of buffers.
The selection unit may include a parser for parsing at least the portion of the structure description corresponding to the sensitive function block.
The selection unit may be configured to parse the portion of the structural description corresponding to the sensitive functional block by applying a breadth-first traversal to the portion.
The structural description may be selected from the group consisting of: a gate level netlist, an IC layout description, and a transistor level netlist.
In an embodiment, a design apparatus for designing an integrated circuit device, the apparatus comprising:
-a behavioral description generator configured to determine a behavioral description of the IC device from a model of the IC device;
-a gate level netlist generator configured to generate a gate level netlist from the model of the behavioral description;
a floorplan router configured to floorplan and route cells to determine a physical floorplan of the IC device,
-a transistor level netlist generator configured to extract a transistor level netlist comprising transistors and connections from the layout.
The apparatus comprising a device for detecting the failure point from a structural description derived from at least one of the gate-level netlist, the layout description file, the transistor-level netlist according to any of the preceding embodiments, the design apparatus being configured to modify the model in response to detecting at least one failure point.
In an embodiment, there is provided an integrated circuit verification apparatus for verifying at least one integrated circuit, the apparatus comprising:
a structure description extractor configured to extract a structure description of the IC device,
the apparatus comprising means for detecting a point of failure in the integrated circuit from the extracted description file according to any of the preceding embodiments.
In an embodiment, a method is provided for detecting a point of failure in an Integrated Circuit (IC), the integrated circuit device being described by a structural description comprising a plurality of elements, the elements comprising cells and lines interconnecting the cells, the structural description further comprising a portion representing a set of sensitive functional blocks, each sensitive functional block comprising one or more inputs, at least one sensitive output and a set of elements interconnected such that the value of the sensitive output is a boolean function of the input values of the sensitive functional block, wherein the method comprises at least one iteration of the following steps:
-selecting an n-tuple of elements at least in a part of the netlist corresponding to the sensitive functional block,
-testing the n-tuple of each selected element, the testing step comprising:
-modifying the n-tuple of the selected element from an initial state to a test state;
-determining whether the derivative of the Boolean function associated with each sensitive functional block is equal to zero,
the method is for detecting that the n-tuple represents a fault point of order n in the Integrated Circuit (IC) device if a boolean function associated with the sensitive functional block is equal to zero.
There is also provided a computer program product for detecting a point of failure in an Integrated Circuit (IC), the integrated circuit device being described by a structural description comprising a plurality of elements, the elements representing cells and lines interconnecting the cells, the structural description further comprising a portion representing a set of sensitive functional blocks, each sensitive functional block comprising one or more inputs, at least one sensitive output and a set of elements interconnected such that the value of the sensitive output is a boolean function of the values of the inputs of the sensitive functional block, wherein the computer program product comprises:
a non-transitory computer-readable storage medium; and
program code stored on the non-transitory computer-readable storage medium, which when executed by one or more processors causes the one or more processors to:
-selecting an n-tuple of elements at least in a portion of the structural description corresponding to the sensitive functional block,
-testing the n-tuple of each selected element, the testing step comprising:
-modifying the n-tuple of the selected element from an initial state to a test state;
-determining whether the derivative of the Boolean function associated with each sensitive functional block is equal to zero,
the one or more processors are further caused to detect that the n-tuple represents an order n fault point in the Integrated Circuit (IC) device if a Boolean function associated with the sensitive functional block is equal to zero.
Embodiments of the invention may allow for enhanced security of trusted circuits by reliably detecting points of failure during the manufacture of integrated circuits. In other applications, embodiments of the invention may allow detection of a point of failure in one or more integrated circuits after their manufacture, for example for checking whether a foundry has modified the layout of the circuit before fabrication to reduce its reliability/safety in a circuit evaluation application.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate various embodiments of the invention and, together with the general description given above, the detailed description of the embodiments given below, serve to explain the embodiments of the invention.
FIG. 1 is a block diagram of a point of failure detection device according to some embodiments;
FIG. 2 is a flow diagram depicting an IC design method according to some embodiments;
FIG. 3 shows exemplary sensitive functional blocks;
FIG. 4 is a block diagram of a point of failure detection device according to one embodiment;
FIG. 5 is a flow diagram depicting a method of point of failure detection according to some embodiments;
FIG. 6 is a block diagram representing an integrated circuit design apparatus 600, in accordance with some embodiments; and
FIG. 7 is a diagrammatic view of an exemplary computing system for detecting a point of failure, in accordance with some embodiments.
Detailed Description
Embodiments of the present invention provide improved methods and apparatus for detecting a point of failure (hereinafter also referred to as "POF") in an Integrated Circuit (IC) based on a structural description of the IC (hereinafter also referred to as "IC device"). The failure point may be a single failure point (SPOF) or a multiple failure point.
Single point of failure (SPOF) refers to the point in the circuit where: if a fault occurs at this point of the circuit, the entire circuit fails.
A multi-point of failure (MPOF) refers to a plurality of such points of the circuit: if a fault occurs at least two of these points, the entire circuit fails.
As used herein, the term "fault point of order n" will be used to designate one or more fault points (a single fault point if n ═ 1, or multiple fault points if n is strictly greater than 1) where n is an integer greater than or equal to one (1) where the entire circuit fails if a fault occurs at all of these n points of the circuit.
Fig. 1 shows a cross-sectional view of a POF detection system 100 including a POF detection apparatus 10, the POF detection apparatus 10 being configured to detect a fault point of order n in an Integrated Circuit (IC) device 1 according to a structural description of the integrated circuit device 1, where n ≧ 1(n is greater than 1). The structural description of an integrated circuit device includes a plurality of elements, which represent cells and lines interconnecting the cells.
The structural description of the IC device may be an IC netlist or any structural description of an integrated circuit derived from such a netlist, such as a refined structural description of the IC device generated during a design phase of the IC device (refined netlists such as gate-level netlists, layout description files, transistor-level netlists, etc.).
The following description of some embodiments is made primarily with reference to a structural description of an IC device of the netlist type, but the skilled person will readily understand that the present invention applies similarly to any structural description of an IC device, such as for example a refined netlist (e.g. a transistor-level netlist or a layout description file). In the following description, the structural description of an integrated circuit device will therefore be referred to as a "netlist".
The POF detection apparatus 10 may be used during the manufacture of IC devices at any step in the design phase that provides a structural description (e.g., a netlist or a refined netlist) of the IC devices that is used by the POF detection apparatus to detect POFs. Such a structural description of the IC device 1 can then be used to complete the manufacture of the IC device 2 in a casting if no POF is detected.
Alternatively, the POF detection apparatus 10 may be applied to a manufactured IC device to evaluate or test the IC device, and the POF detection apparatus 10 determines whether the IC device includes POF using a structural description (such as a netlist) extracted from the IC device. For example, in the context of reliable computation, it is necessary to know whether a given IC device has SPOFs or, more generally, MPOFs with low multiplicity. In fact, IC devices are unreliable in the following cases:
natural faults occurring at SPOF generate anomalies, thus creating safety problems, and/or
The scam fault injected by the attacker can bypass the security mechanism.
Thus, it may be necessary to check that no fault points exist in the integrated circuit.
It should be noted that if the foundry is not trusted and the layout is modified prior to fabrication to reduce its reliability/safety, a point of failure may be introduced while the design is being fabricated. Evaluating the IC device after its manufacture allows for the detection of these leaks in the IC device.
In another example, it may be desirable to verify the absence of a point of failure on an "off-the-shelf integrated circuit prior to provisioning the integrated circuit. In such an application, the POF detection apparatus 10 can be used by a third party (a potential purchaser) by extracting a netlist of an IC device intended for purchase (e.g., by performing reverse engineering of a sample of the integrated circuit, such as by de-layering, applying confocal microscopy or X-ray tomography to the sample) and applying the POF detection apparatus to the netlist (as a structural description of the IC device). If a POF is detected, the third party may require redesigning the integrated circuit to remove the POF, or selecting another integrated circuit, preferably one that has been explicitly tested against the POF.
The following description of some embodiments refers primarily to the detection of points of failure during the design of an integrated circuit, but the skilled person will readily understand that the following embodiments may also be applied analogously to the evaluation of manufactured IC devices. The POF detection apparatus 10 may include a POF detection unit 11 for performing detection of a failure point (SPOF or MPOF). The POF detection unit 11 may be connected to a memory cell to extract the netlist 1 of the IC device. In some embodiments, POF detection apparatus 10 and the memory cells storing netlist 1 may be implemented on the same computing system. In some embodiments, the POF detection unit 11 may access the netlist through a remote server (client/server connection) of the netlist that can be retrieved from the storage unit. In a particular embodiment of the present invention, POF detection apparatus 10 may test netlist 1 (e.g., a gate level netlist) generated in the design flow of an IC device.
Each sensitive function block 16 comprises one or more inputs, at least one sensitive output and a set of elements interconnected such that the value of the output is a boolean function of the values of the inputs of the sensitive function block 16. As used herein, "sensitive functional block" refers to a block of an IC device that: if the line corresponding to the sensitive output is cut, the entire circuit fails.
The POF detection apparatus 10 is configured to test an n-tuple of selected elements contained in a portion of the netlist corresponding to at least some of the sensitive function blocks 16. For each selected n-tuple of elements, the POF detection apparatus 10 may be further configured to modify the selected n-tuple of elements from an initial state to a test state (i.e., "edit" the n-tuple of elements), and then determine whether a boolean function associated with at least some of the sensitive functional blocks is constant (POF test condition).
As used herein, the term "edit" refers to the modification of the initial state of the n-tuple of elements in the netlist to open (i.e., disconnect) the net or fix it to a predefined value (e.g., '0' or '1'), which the attacker is about to perform.
In some embodiments, the POF detection apparatus 1 can check POF test conditions for all sensitive functional blocks 16 of the IC device. An n-tuple represents a fault point of order n in an Integrated Circuit (IC) if the boolean function associated with each functional block is constant for the sensitive functional block under consideration. Information related to the n-tuple of elements may then be stored. The n-tuple of the element is reinserted into the netlist before another n-tuple of the element is selected.
Thus, the POF detection system 100 allows any failure point of order n to be detected before the IC device 2 is manufactured. In response to detecting one or more failure points (SPOFs or MPOFs) in the netlist, a model of the IC device may be refined, and a new netlist may be iteratively constructed from the model until no failure points are detected. The IC device 2 may then be manufactured from the POF-free netlist.
In some embodiments, the POF detection system 100 can further include a notification unit 12 configured to issue a notification in response to detecting the at least one point of failure. The notification may include information related to one or more detected failure points, such as a report of a path including the failure point in the IC device.
In some embodiments, the POF detection system 100 may further comprise a correction unit 13 configured to determine a correction procedure in response to the detected failure point. In particular, the correction unit 13 may be configured to determine a recommendation relating to the design of the IC device in consideration of the information relating to the failure point reported by the notification unit 11. In some embodiments, the correction unit 13 may be configured to apply a redundancy code to the detected failure point. The redundant encoding may include, for example, duplicating the gate carrying the signal responsible for the detected failure point, or duplicating and inverting the gate to include some diversity. It may also be included to replace the gate by any set of gates that produce x signals related to SPOF, which changes SPOF (i.e., multiple 1 MPOF) to multiple x MPOF.
The IC device 2 described by the netlist may be any IC device, in particular any embedded device or system containing secret data and/or requiring a level of integrity, such as a smart card, a security device, a multimedia player, a recorder or a mobile storage device like a memory card and a hard disk. IC devices may be used in a wide variety of communication and data processing applications, for example in the automotive industry, security access solutions, mobile phone devices, payment fields such as banking solutions, etc.
Depending on the application, the IC device 2 may refer to:
manufactured IC devices from which a structural description (e.g. a netlist) of at least one sample of the IC device can be extracted, or
An IC device designed (i.e. intended to be manufactured) during the design process of the IC device, a structural description (netlist) of the IC device being generated in the design phase for manufacturing the IC device.
The IC device 2 described by the netlist may be of any type, such as ASIC, FPGA, GPU or CPU type circuitry, etc.
The netlist may include one or more related lists. The netlist lists at least the pins of the electrical component in the IC device and the interconnects ("nets") that interconnect the pins of the component.
Netlists may use various types of structures and representations. For example, the netlist may be a physical or logical netlist, as well as an instance-based or net-based netlist, a planar or hierarchical netlist (a folded or unfolded hierarchical netlist).
In an embodiment, the netlist may be a gate-level netlist (cells of the gate-level netlist are represented by gates) of the IC device or a transistor-level netlist generated during the IC design process. More generally, a netlist may refer to any level of description of a circuit. The following description of some embodiments will refer to a gate level netlist in which cells are represented by gates, for purposes of illustration only. The invention in its broader aspects is therefore not limited to the specific details, representative method, and illustrative examples shown and described.
In the gate-level netlist, the variables of the IC device are represented by basic boolean variables, each variable being represented by one bit, AND the gates of the IC device may include a set of interconnected logic gates (e.g., AND gates (AND), OR gates (OR), exclusive OR gates (XOR), etc.), such as:
sequential gates representing gates of a circuit associated with a state (the gates are usually represented by block diagrams, where the circuit is represented by boxes (such as rectangles), with small triangles on one face), and
-a combination gate (stateless gate) representing a gate not associated with a state and capable of being used to perform intermediate calculations; the values resulting from the intermediate calculations (e.g., calculations on data or checks on calculations) are not stored locally, but are sent to the sequence gate.
The output of the sequential gates (or sequential logic) may depend on the current inputs to the gates, but also on the order of the past inputs (input history).
The logic gates may be connected by a line (also referred to as a "line") over which signals circulate. The netlist forms a logic gate interconnect diagram representing connections ("nets") between various logic gates of the IC device. The variables stored in the sequential gates correspond to variables that the output lines of the gates can carry.
Sequential gates (also referred to as sequential resources below) may typically comprise memory points, such as latches, but may equally comprise memory (SRAM, FLASH, etc.).
As used in this specification, the term "variable" refers to a container capable of carrying data and associated with operations to read and write data. The definition may correspond to, for example, a register, a gate or a set of sequential logic gates of the IC device 1. Similarly, the line or group of lines of the IC device 1 may also be denoted by the term "variable", the read operation and the write operation often being affected by measuring and modifying, respectively, the voltage level carried by the line or lines.
The variables of the circuit stored in the sequential gates may also be referred to as "sequential variables". Thus, the sequence variable represents a data item contained in the sequence resource (sequence gate), i.e., stored data. The sequence variable stores the state of the computation.
Fig. 2 is a flow chart depicting a process of fabricating an IC device 2 in accordance with the present invention.
For ease of understanding some embodiments, the following description will be made primarily with reference to the SPOF detection system 100 including the SPOF detection apparatus 10 using the SPOF detection unit 11, the SPOF detection unit 11 being configured to detect a single failure point (i.e., a failure point of order n ═ 1) in the Integrated Circuit (IC) device 2, for the purpose of illustration only.
The fabrication of Integrated Circuits (ICs) includes multiple stages of layout-level design that result in the performance of functions described in a specification document that was originally built by a designer. The layout level design is the lowest level description of the IC design. The layout level design includes transistors represented as geometric figures having physical dimensions such as length, width, and location.
In each intermediate step of the IC manufacturing process, the IC is described at a different level of specificity, which includes, among other things:
"behavioral description" of an IC, which is a higher-level description of the IC or of the Register Transfer Level (RTL). In the behavioral description, IC components (e.g., registers, functional blocks of the IC) are induced by variable and data operators;
a logic level description of an IC at the gate level (a second lowest level description of the IC), where the IC is represented as a set of interconnected logic gates (e.g., AND gates, OR gates) AND memory components (e.g., flip-flops). This representation corresponds to a gate level netlist (also known as a gate intercommunication graph). The process of converting RTL to a netlist is commonly referred to as "synthesis".
The manufacturing process of an IC device begins at step 200, where a specification document is generated in a modeling phase (hardware and/or software modeling). In step 200, the IC device is modeled at a higher level to verify the architecture selected for the IC device in terms of quality, taking into account the application constraints set for the IC device.
In step 201, a behavior description (also referred to as an "RTL description") is generated from the specification document. This provides a high-level language in which the implementation of the circuit is described at the register transfer stage in the form of sequential elements (registers, latches) and combinational logic elements corresponding to the combination between the inputs/outputs of the sequential elements and the main inputs/outputs of the circuit. The description may be encoded using a high-level programming language (e.g., system C, VHDL, etc.).
A logic simulation step (not shown in fig. 2) may then be performed using a simulator for simulating each interconnect signal in time according to the input stimuli to simulate an RTL description. Such simulation may include simulation of an executable program associated with a processor of the circuit (if the circuit includes a processor). A functional verification step (not shown in fig. 2) may also be implemented to supplement the simulation, especially to simulate long-term operation, to speed up the simulation, and to use a language based on assertion modeling to obtain a more complete result, defining the functional characteristics that the circuit must verify. Functional verification may be achieved based on a random stimulus generator with automatic verification of the results against a reference model, or using formal functional verification tools.
In step 202, a gate-level netlist implementing the function specified by the specification document is generated from the RTL description of the IC ("logic synthesis" step). In step 202, information about the units that are being used and the way the units are connected to each other is used. The logic synthesis step aims to refine the behavioral description of the circuit to generate a structural description of the logic gate level (netlist) based on the target technology AND/OR a library of logic gates (e.g., AND, OR gates, latches, etc.) specific to the foundry that will fabricate the circuit. The logical composition may take into account various operational constraints. Logic synthesis may be achieved by means of an electronic design automation tool configured to transform behavioral descriptions in a high-level language into generic structural descriptions (independent of logic gate libraries) that describe combinatorial and sequential logic elements in a generalized form, and then replace them with elements from the logic gate libraries, so as to satisfy conditions imposed on circuit characteristics (logic paths of the circuit) with respect to time constraints (e.g., circuit operating frequency), space constraints (silicon size), and power consumption constraints. If the selected element does not satisfy the constraint, the synthesis tool may test other gates from the library. The netlist can be associated with computer files (corresponding to the netlist) in any suitable format, such as Verilog, VHDL, EDIF (acronym for "electronic design interchange format"). The file represents the gates from the library and the instantiations of their interconnections representing the electronic circuit. The representation may include only boolean variables, each represented by 1 bit.
In step 204, the netlist is tested to determine whether the IC design includes SPOF (detection of SPOF). If one or more SPOFs are detected in the test step 204, the design may be modified by iterating steps 200-204 until no SPOFs are detected.
If no SPOF is detected in step 204 (test block 205), step 206 is performed. Step 206 includes determining whether the cells identified in step 202 are to be placed on a chip substrate of the IC device, and how connections between the cells are routed on the substrate ("place and route" step). This step establishes the physical layout of the chip. Step 206 may take into account several constraints (such as timing, area, and power) that result in netlist modification due to the optimization phase. Steps 200 to 206 may be iterated.
In step 208, a transistor-level netlist may be extracted from the layout including the transistor elements. In addition, the IC may be tested for certain characteristics (e.g., power consumption with respect to battery life), and by iterating steps 200-208, the design may be further modified depending on the results of such testing.
In step 210, a chip corresponding to the IC device may be fabricated in a factory (foundry) based on the transistor-level netlist and a standard geometric layout database (GDSII).
In some embodiments, the sensitive function block 16 of the IC device is a protection block represented by a portion of a netlist. The function of the protection block is to report any anomalies to the rest of the circuit so that adequate measures can be taken. In general, the sensitive output of the protection block may include one or more alarms. However, the protection block may include additional sensitive outputs, such as a security-related status word output associated with the alarm. As used herein, a "protection block" refers to the portion of the netlist that generates such sensitive signals related to safety issues. Thus, each protection block corresponds to at least one critical signal of the IC device, such as an alarm signal. The following description of some embodiments will refer to sensitive functional blocks of the type protection block and sensitive outputs represented by alarm outputs for illustrative purposes only. However, the skilled person will readily understand that the present invention applies to all types of sensitive outputs delivered by any type of sensitive functional block of an integrated circuit.
Each protection block comprises one or more inputs, at least one sensitive output (represented in the example considered by an alarm output) and a set of elements interconnected such that the value of the alarm output is a boolean function of the input values of the protection block. Such a boolean function defines the activation condition of the alarm associated with the protection block.
The design of the IC device 2 may be prepared to embed a plurality of protection blocks to protect the IC device 2 from attack. Each protection block corresponds to a sub-circuit of the IC device 2. In some embodiments, the protection block may include one or more sensors intended to detect possible attacks. For example, the IC device 2 may include a sensor configured to detect a physical attack (such as a probing attack or a perturbation attack). The IC device 2 may also include other sensors or protective blocks, such as shields, digital sensors, and the like. In further embodiments, the IC device 2 may be configured to detect cyber attacks, such as CFI (control flow integrity) verification. These several options may be implemented individually or in combination.
Such a protection block is configured to generate an alarm at its output in response to detecting abnormal operation of the IC device. In the gate-level netlist, each protection block includes one or more signal inputs and at least one alarm output and is represented by a set of gates connected by lines. The value applied to the signal input of the protection block results in a particular value of the alarm output of the protection block. The values of the alarm output of the protection block include an activation value (e.g., "1") indicating an abnormal operation of the IC device (the alarm is triggered), and a deactivation value (e.g., "0") indicating a normal operation of the IC device. The protection blocks (represented by gates and lines in the netlist) thus implement the activation conditions for the corresponding alarms.
In such embodiments, the POF detection apparatus 10 may be configured to select an n-tuple of elements in netlist 2, test the selected n-tuple by editing (e.g., removing or fixing to a given value) the selected n-tuple of elements in the netlist, and check whether POF test conditions are met for each of at least some of the protection blocks, including checking whether a boolean function associated with each protection block is constant.
FIG. 3 shows an example of portions of a netlist to be tested corresponding to two alarm blocks of an IC device.
The first alarm block 30 of the netlist section is made up of a first alarm output "alarm # 1", the state of which depends on the conditions on the three signal inputs "combi # 1", "verif # 1" AND "VerifEnableControl", which are represented using XOR gate 300 AND gate 302 as follows:
the second alarm block 31 of the netlist section is constituted by a first alarm output "alarm # 2", the state of which depends on the conditions on the three signal inputs "combi # 2", "verif # 2" AND "VerifEnableControl", which are represented, for example, by using XOR gate 301 AND gate 303 as follows:
the skilled person will readily appreciate that the above conditions are provided for illustrative purposes only, and that the activation conditions of the protection block may depend on different signal inputs and boolean operators.
The following description of some embodiments may be made with reference to sensitive functional blocks corresponding to protection blocks, for illustrative purposes only.
Embodiments of the present invention provide apparatus and methods for reliably detecting POFs in an IC device using portions of a netlist corresponding to at least some of the protection blocks of the IC device prior to manufacturing the IC device in a foundry. This allows the design of the IC device to be modified accordingly to prevent POF in the final IC device.
Fig. 4 shows a block diagram of the SPOF detection apparatus 10 according to some embodiments, where n is 1.
In one application of the invention in connection with detection of SPOFs as described in fig. 4, the selection unit 101 may be implemented as a netlist parser configured to traverse each element (gate or line) contained in a netlist portion corresponding to a protection block of the IC device.
Each traversed element of the netlist may correspond to a gate or a line of the netlist.
Netlist parser 101 may process the netlist after extracting the netlist using known techniques, for example as described in connection with step 202 (gate level netlist) or 208 (transistor level netlist).
Netlist parser 101 may operate directly on the entire netlist or alternatively on selected portions of the netlist corresponding to the protection blocks of the IC device. Traversal of selected portions of the netlist can be performed by netlist parser 101 using a variety of known techniques. For example, in embodiments where the netlist is represented by a tree (each netlist gate is represented by a node of the tree and the connecting lines are represented by links that link the nodes), netlist parser 101 may be configured to traverse the IC device netlist according to, for example, a breadth-first traversal. Depth-first traversal causes nodes at deeper levels to be processed before nodes at subsequent levels.
The test unit 104 may be configured to check whether any signal changes to the netlist in response to editing of the tested element can cause a set of alarm outputs to be fixed to a deactivation value (the inactivity value may, for example, be equal to zero). In other words, the SPOF test condition comprises checking whether the activation condition of the alarm is unchanged, i.e. the condition between the deactivation value (or activation value) of each alarm output and the input value of the protection block corresponding to the alarm output. For a given protection block corresponding to an alarm, the value of the alarm output of the protection block of each protection block is a Boolean function of the inputs of the protection block, the Boolean function representing the alarm condition of the protection block. In the case of a boolean function, the SPOF test condition can then be implemented by checking whether the boolean function representing the alarm condition for each protection block is a constant (the SPOF test condition is then satisfied and reveals the presence of SPOF at the traversed element). In one embodiment, to check whether the boolean function associated with a given protection block is constant, the derivative of the boolean function is first calculated. If the derivative is equal to zero for any input value, then the Boolean function is determined to be constant, and thus the SPOF test condition is satisfied.
In one example based on FIG. 3, test unit 104 may fix the "signal/top/verif _ enable _ control" element at level '0' while specifying the "driving/top/combi _ # 1" and "/top/verif _ # 1" signals according to the use case that the alarm should be raised. In this example, a '0' level is always detected on the "/top/alarm _ # 1" signal.
"editing" a tested element of a netlist refers to a single modification to the netlist. This is equivalent to breaking the lines in the netlist. The modification to the netlist so performed to test SPOF captures the actions of the attacker.
If the condition is met (i.e. the activation condition of the alarm is not changed), this means that SPOF is detected.
The SPOF detection apparatus thus allows checking whether there are two different input configurations, such as alarm active and inactive, for all single-bit modifications of the netlist. One of the advantages of the present invention is to detect SPOF at the design stage of the IC device 1, thereby preventing SPOF from existing in the manufactured IC device.
As shown in fig. 4, the SPOF detection apparatus 10 may further include a notification unit 12 configured to issue a report after each iteration of the test performed by the test unit 104 in response to detecting at least one non-empty entry in the SPOF data structure (i.e., detecting at least one SPOF in the netlist). The report may be sent, for example, to an IC designer at the end of a test performed by test unit 104. In embodiments using the correction unit 13, the correction unit 13 may determine the correction process based on data contained in the SPOF number structure 111. The report sent by the notification unit 12 may then include a description of the correction procedure.
In some embodiments, the SPOF detection unit 11 may further include an injector 102 configured to initially insert a set of elements into the netlist that simulate possible attacks that may be performed by an attacker. More specifically, for certain types of protection blocks configured to detect physical problems (e.g., disturbances due to laser emission, electromagnetic pulses, glitches on clock or power, etc.), the SPOF detection unit 11 may be configured to activate the injector 102 to increase the number of elements of netlist 1 before performing the SPOF test.
In some embodiments, the injector 102 may be configured to determine the type of each protection block contained in the netlist and insert test elements into portions of the netlist corresponding to the protection blocks (or more generally sensitive function blocks), depending on the type of protection block identified. This provides a modified netlist. The injector (102) may be configured to send the modified netlist to the selection unit 101 for selection of an n-tuple of elements.
For example, if the protection block represents a digital sensor that includes a chain of buffers, the injector 102 may freeze a signal related to the test element to a level of '0' instead of '1' (or vice versa) that is configured to invert the chain of buffers in the portion of the netlist corresponding to the digital sensor.
The injector 102 may use the database 108 to identify, depending on its type, the test elements to be frozen and the connections of the test elements with respect to the elements of the protection blocks in the portion of the netlist corresponding to each protection block.
In some embodiments, the injector 102 may be modeled on a test bench such as a simulator (e.g., an HDL simulator). This provides an extension to easily twist any signal through the hierarchy directly from the top hardware module. In the example of a protection block corresponding to a digital sensor, the simulator may affect the digital sensor behavior according to the specifications and snoop inputs, outputs and internal signals of each individual entity making up the digital sensor.
In some embodiments using the transistor-level netlist, the injector 102 may also simulate one or more end-application attacks on the transistor-level netlist using an analog/digital hybrid model to detect vulnerabilities.
It should be noted that in some embodiments, and depending on the type of protection block being tested, for example, for misbehavior with a logical source such as a bug in software, it may not be necessary to insert test elements through the injector 102. For example, the injector 102 may not be caused to inject elements of the protection block for the type network CPU.
FIG. 5 is a flow diagram depicting a method of detecting a single point according to some embodiments.
At step 500, a netlist is extracted.
If an injection condition is detected in step 502, then a test element is injected (i.e., inserted) into the netlist in step 503. The injection conditions may include identifying a type of each protection block and determining whether a test element is inserted from the database into a portion of the netlist corresponding to the protection block. If so, test elements may be inserted into the netlist using the place and route information extracted from the database.
Step 504 may be performed on the netlist if no injection condition is detected in step 502, or step 504 may be performed on the modified netlist after injecting test elements into the netlist in step 503 if an injection condition is detected in step 502. The description of the following steps of the detection method is made with simple reference to the term "netlist", which thus covers either the original extracted netlist or the modified netlist.
In step 504, at least the portion of the netlist corresponding to the protection blocks is traversed. The following steps are performed for each traversed element (gate or line).
For each traversed element (selected in block 506), testing of the netlist is performed. This includes:
performing a modification of the netlist (i.e. opening the corresponding net or maintaining the elements to a predefined binary value) by editing the traversed elements in step 508;
in step 510 it is checked whether the SPOF test conditions are fulfilled, i.e. for each protection block the activation conditions of the sensitive output of the protection block are not changed.
Step 510 may be performed by determining whether the derivative of the boolean function representing the alarm condition for each protection block is equal to zero for any input value. The SPOF test function is satisfied if the derivative of the boolean function is constant. This means that the activation condition of the protection block is not changed.
The n-tuple of the selected element can be modified from the test state back to the initial state (the state before the element was edited) before another n-tuple of elements is selected.
The "modification" of the netlist (e.g., gate-level netlist, transistor-level netlist, layout) performed in step 506 captures the actions of the attacker. Thus, if such a modification corresponding to a break in a line results in a variable associated with the traversed element being fixed to a given value (e.g., zero or one), then SPOF is detected.
It should be noted that although embodiments of the present invention have been described in connection with a single point of failure, this applies analogously to the detection of more than two points of failure and more generally to the detection of n points of failure (n being an integer value greater than or equal to one). Steps 506 and 508 would then include tampering with the n elements, rather than the single element.
The detection method thus allows testing for possible defects in the netlist representing the integrated circuit device 2. If one or more POFs (n ≧ 1) are detected, a further correction step may be applied. The correction step may include applying a redundant encoding to each detected POF (e.g., copying the gate carrying the signal responsible for the POF, or copying and inverting the gate to include some diversity, or replacing the gate with an arbitrary set of gates that produce x signals related to SPOF, transforming SPOF (i.e., POF with a multiple of 1) to POF with a multiple of x, etc.).
The IC designer can use the POF detection method to verify the entire alarm circuit specification with respect to safety and integrity points of view (single point of failure without specifying a signal). The method checks not only the propagation of specific signals, but also the electronic stages through the gate and the correct conversion from HDL to place and route design (merged signals, inverter/complex gate insertion, etc.).
In one embodiment, as shown in fig. 6, the POF detection apparatus 10 may be part of an integrated circuit design device 600 for designing an integrated circuit device. The design apparatus 100 may include:
a behavioral description generator 602 configured to determine a behavioral description of the IC device from a model of the IC device;
a gate level netlist generator 603 configured to generate a gate level netlist from the model of the behavioral description;
a floorplan-router 604 configured to floorplan and route cells to determine a physical floorplan of the IC device;
a transistor-level netlist generator 606 configured to extract a transistor-level netlist including transistors and connections from the layout.
Although the POF detection apparatus 10 is represented in fig. 6 as part of the integrated circuit design apparatus 600, the skilled artisan will readily appreciate that in alternative embodiments, the POF detection apparatus 10 may be separate from the integrated circuit design apparatus 600 and cooperate with the apparatus 600 by using a generated structure description file generated by the apparatus 600, as described with respect to fig. 6.
In such embodiments, design apparatus 600 may include detection device 100 for detecting failure points in the gate-level netlist, and/or the physical layout (described by the physical description file) and/or the transistor-level netlist. The IC design apparatus 100 may be configured to modify the model if at least one failure point is detected.
In another application, POF detection methods may be used upstream to evaluate manufactured integrated circuits and ensure that they do not include POFs (IC evaluation applications, authentication processes, etc.). In such applications, the POF inspection apparatus 10 may be used by an integrated circuit evaluation device to evaluate and verify a manufactured integrated circuit device. The integrated circuit evaluation apparatus may include a structure description extractor configured to extract a structure description (e.g., a netlist) from at least one sample or portion of the IC device, and the POF detection apparatus is configured to detect a point of failure in the integrated circuit from the extracted description file.
Embodiments of the invention can take the form of an embodiment containing both hardware and software elements.
Further, the POF detection methods described herein may be implemented by computer program instructions that are supplied to a processor of any type of computer to produce a machine having a processor that executes the instructions to implement the functions/acts specified herein. These computer program instructions may also be stored in a computer-readable medium that can direct a computer to function in a particular manner. To this end, the computer program instructions may be loaded onto a computer system to cause a series of operational steps to be performed.
Fig. 7 is a simplified block diagram illustrating a general-purpose programmable computer system 700 in which the SPOF detection method may be implemented according to some embodiments. The computer 700 may include a processor 72, a memory 74, a mass storage device 76, an input/output (I/O) interface 73, and a Human Machine Interface (HMI) 740. Computer 700 may also be operatively coupled to one or more external resources 75 via network 71 and/or I/O interface 73. External resources may include, but are not limited to, servers, databases, mass storage devices, peripherals, cloud-based network services, or any other suitable computing resource that may be used by computer 700. In particular, a netlist describing the IC device may be provided to the computer system as an external resource 75.
The processor 72 may include one or more devices selected from a microprocessor, microcontroller, digital signal processor, microcomputer, central processing unit, field programmable gate array, programmable logic device, state machine, logic circuitry, analog circuitry, digital circuitry, or any other device that manipulates signals (analog or digital) based on operational instructions stored in the memory 74. Memory 74 may include a single memory device or multiple memory devices including, but not limited to, Read Only Memory (ROM), Random Access Memory (RAM), volatile memory, non-volatile memory, Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), flash memory, cache memory, or any other device capable of storing information. The mass storage memory device 76 may include a data storage device such as a hard disk drive, optical disk drive, tape drive, non-volatile solid state device, or any other device capable of storing information. Database 764 may reside on mass storage memory device 76 and may be used to collect and organize data used by the various systems and modules described herein.
The processor 72 may operate under the control of an operating system 726 resident in the memory 74. The operating system 726 may manage computing resources such that computer program code embodied as one or more computer software applications, such as application 728 resident in memory 74, may have instructions executed by the processor 72. In alternative embodiments, the processor 72 may directly execute the application 728, in which case the operating system 726 may be omitted. One or more data structures 720 may also reside in the memory 74 and be used by the processor 72, operating system 726, and/or applications 728 to store or manipulate data. In one embodiment, the SPOF data structure 111 may be contained in a data structure block 720 of the memory 74.
The program code, when executed by the processor, causes the processor to:
-selecting an n-tuple of elements at least in a part of the netlist corresponding to the sensitive functional block,
-testing the n-tuple of each selected element, the testing step comprising:
modifying the n-tuple of the selected element from an initial state to a test state;
it is determined whether the derivative of the boolean function associated with each sensitive function block is equal to zero.
The processor 72 is further caused to detect that the n-tuple represents a fault point of order n in the Integrated Circuit (IC) device if a boolean function associated with the sensitive functional block is equal to zero.
I/O interface 73 may provide a machine interface that operably couples processor 32 to other devices and systems, such as network 71 and/or external resources 75. Thus, the application 728 provides various features, functions, applications, processes, and/or modules comprising embodiments of the invention by communicating via the I/O interface 73 to work in conjunction with the network 712 and/or external resources 75. The application 728 may also have program code executed by one or more external resources 75 or otherwise rely on functionality and/or signals provided by other system or network components external to the computer 700. Indeed, given the variety of hardware and software possible configurations, one of ordinary skill in the art will appreciate that embodiments of the present invention may include applications located external to computer 700, distributed among multiple computers or other external resources 75, or provided by computing resources (hardware and/or software) provided as a service via network 71, such as a cloud computing service.
The HMI 740 may be operatively coupled to the processor 72 of the computer 700 in a known manner to allow a user of the computer 700 to interact directly with the computer 700. HMI 740 may include a video and/or alphanumeric display, a touch screen, a speaker, and any other suitable audio and visual indicator capable of providing information to a user. The HMI 740 may also include input devices and controls, such as an alphanumeric keypad, a pointing device, a keypad, buttons, control knobs, a microphone, etc., capable of accepting commands or input from a user and sending entered input to the processor 72.
Additional advantages and modifications will readily appear to those skilled in the art. The invention in its broader aspects is therefore not limited to the specific details, representative method, and illustrative examples shown and described.
Claims (15)
1. An apparatus (100) for detecting a point of failure in an Integrated Circuit (IC), the integrated circuit device being described by a structural description of the integrated circuit (2) comprising a plurality of elements, the elements representing cells and lines interconnecting the cells, the structural description of the integrated circuit further comprising a portion representing a set of sensitive functional blocks (16), each sensitive functional block comprising one or more inputs, at least one sensitive output and a set of elements interconnected such that the value of the sensitive output is a boolean function of the input values of the sensitive functional block, wherein the apparatus comprises:
a selection unit (101) configured to iteratively select an n-tuple of elements at least in a portion of the structural description of the integrated circuit corresponding to the sensitive functional block,
-a test unit (104) configured to test an n-tuple of each selected element, the test unit being configured to:
-modifying the n-tuple of the selected element from an initial state to a test state;
-determining whether a derivative of the Boolean function associated with each sensitive function block is equal to zero,
the apparatus is configured to detect that the n-tuple represents a fault point of order n in the Integrated Circuit (IC) device if a boolean function associated with the sensitive functional block is equal to zero.
2. The apparatus of claim 1, wherein the test unit (104) is configured to modify the n-tuple of the selected element by performing at least an action in the group consisting of: removing the n-tuple of the element and maintaining the n-tuple of the element to a predefined binary value.
3. The device of any one of the preceding claims, wherein the test unit (104) is configured to store information related to the n-tuple of elements if a derivative of a Boolean function associated with the sensitive functional block is equal to zero.
4. The device of claim 1 or 2, wherein the test unit (104) is configured to modify an n-tuple of a selected element from the test state back to the initial state before another n-tuple of the selected element.
5. Apparatus according to claim 1 or 2, wherein it comprises a data structure (60) for storing information relating to n-tuples of elements under test, the data structure comprising an entry for each n-tuple element.
6. The apparatus of claim 3, wherein the information related to each n-tuple element comprises a path of each n-tuple element in a structural description of the integrated circuit.
7. The apparatus of claim 1 or 2, wherein the apparatus comprises an injector (102), the injector (102) being configured to determine a type of each sensitive functional block comprised in the structural description of the integrated circuit, the injector being configured to insert a test element into a portion of the structural description of the integrated circuit corresponding to a sensitive functional block depending on the type of sensitive functional block, which provides a modified structural description of the integrated circuit, the injector (102) being configured to send the modified structural description to the selection unit (101) for selection of n-tuple elements.
8. The apparatus of claim 7, wherein the injector is configured to force the following if the sensitive function block represents a digital sensor comprising a chain of buffers: the state is configured to invert the buffer chain in a portion of the structural description corresponding to the sensitive functional block.
9. The device according to claim 1 or 2, wherein the selection unit (101) comprises a parser for parsing at least a part of the structural description corresponding to the sensitive function block.
10. The device according to claim 9, wherein the selection unit (101) is configured to parse a portion of the structure description corresponding to the sensitive functional block by applying a breadth-first traversal to the portion.
11. The apparatus of claim 1 or 2, wherein the structural description is selected in the group consisting of: a gate level netlist, an IC layout description, and a transistor level netlist.
12. A design apparatus for designing an integrated circuit device, the apparatus comprising:
-a behavioral description generator configured to determine a behavioral description of an integrated circuit device from a model of the integrated circuit device;
-a gate level netlist generator configured to generate a gate level netlist from the model of the behavioral description;
-a placement router configured to place and route cells to determine a physical placement of the integrated circuit device;
a transistor level netlist generator configured to extract a transistor level netlist comprising transistors and connections from the layout,
wherein the apparatus comprises a device (100) according to any of the preceding claims 1 to 11 for detecting the failure point from a structural description derived from at least one of the gate-level netlist, the layout description file, the transistor-level netlist, the design apparatus being configured to modify the model in response to detecting at least one failure point.
13. An integrated circuit verification apparatus for verifying at least one integrated circuit, the apparatus comprising:
a structure description extractor configured to extract a structure description of the integrated circuit device,
wherein the apparatus comprises a device (100) for detecting a point of failure in the integrated circuit from the extracted description file according to any of the preceding claims 1 to 11.
14. A method for detecting a point of failure in an Integrated Circuit (IC), the integrated circuit device being described by a structural description comprising a plurality of elements, the elements comprising cells and lines interconnecting the cells, the structural description further comprising a portion representing a set of sensitive functional blocks (16), each sensitive functional block comprising one or more inputs, at least one sensitive output and a set of elements interconnected such that the value of the sensitive output is a boolean function of the values of the inputs of the sensitive functional block, wherein the method comprises at least one iteration of the following steps:
-selecting (504, 506) an n-tuple of elements at least in a portion of the structural description corresponding to the sensitive functional block,
-testing (510) the n-tuple of each selected element, the testing step comprising:
-modifying the n-tuple of the selected element from an initial state to a test state;
-determining whether the derivative of the Boolean function associated with each sensitive functional block is equal to zero,
the method is for detecting that the n-tuple represents a fault point of order n in the Integrated Circuit (IC) device if a boolean function associated with the sensitive functional block is equal to zero.
15. A computer program product for detecting a point of failure in an Integrated Circuit (IC), the integrated circuit device being described by a structural description comprising a plurality of elements, the elements comprising cells and lines interconnecting the cells, the structural description further comprising a portion representing a set of sensitive function blocks (16), each sensitive function block comprising one or more inputs, at least one sensitive output and a set of elements interconnected such that the value of the sensitive output is a boolean function of the values of the inputs of the sensitive function block, the computer program product comprising:
a non-transitory computer-readable storage medium; and
program code stored on the non-transitory computer-readable storage medium, which when executed by one or more processors, causes the one or more processors to:
-selecting (504, 506) an n-tuple of elements at least in a portion of the structural description corresponding to the sensitive functional block,
-testing (510) the n-tuple of each selected element, the testing step comprising:
modifying the n-tuple of the selected element from an initial state to a test state;
determining whether a derivative of the boolean function associated with each sensitive function block is equal to zero,
the one or more processors are further caused to detect that the n-tuple represents an order n fault point in the Integrated Circuit (IC) device if a Boolean function associated with the sensitive functional block is equal to zero.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP17305406.5A EP3385735B1 (en) | 2017-04-04 | 2017-04-04 | Device and method for detecting points of failures |
| EP17305406.5 | 2017-04-04 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108694323A CN108694323A (en) | 2018-10-23 |
| CN108694323B true CN108694323B (en) | 2021-09-24 |
Family
ID=59061940
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810296263.XA Active CN108694323B (en) | 2017-04-04 | 2018-04-04 | Apparatus and method for detecting failure point |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US10691855B2 (en) |
| EP (1) | EP3385735B1 (en) |
| KR (1) | KR102049665B1 (en) |
| CN (1) | CN108694323B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11663382B1 (en) * | 2018-09-24 | 2023-05-30 | Architecture Technology Corporation | Systems and methods for hardware trojan detection and mitigation |
| EP3672140B1 (en) * | 2018-12-20 | 2021-08-18 | Secure-IC SAS | Devices and methods for the detection and localization of fault injection attacks |
| CN110210133B (en) * | 2019-06-03 | 2022-07-08 | 哈尔滨工程大学 | Automatic fault injection method for EDIF netlist-level combinational logic circuit |
| CN111460747B (en) * | 2020-04-10 | 2023-03-31 | 重庆百瑞互联电子技术有限公司 | Standard unit tracking method for integrated circuit design |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4763289A (en) * | 1985-12-31 | 1988-08-09 | International Business Machines Corporation | Method for the modeling and fault simulation of complementary metal oxide semiconductor circuits |
| US5748497A (en) * | 1994-10-31 | 1998-05-05 | Texas Instruments Incorporated | System and method for improving fault coverage of an electric circuit |
| CN101158873A (en) * | 2007-09-26 | 2008-04-09 | 东北大学 | Non-linearity process failure diagnosis method |
| CN101201386A (en) * | 2007-12-25 | 2008-06-18 | 电子科技大学 | Method for locating parameter type fault of analogue integrated circuit |
| CN103123659A (en) * | 2011-11-17 | 2013-05-29 | 台湾积体电路制造股份有限公司 | Stacked die interconnect validation |
| CN103294048A (en) * | 2012-02-27 | 2013-09-11 | 阿尔特拉公司 | Methods and apparatuses for automatic fault detection |
| CN104101496A (en) * | 2013-04-09 | 2014-10-15 | 广东美的制冷设备有限公司 | Air conditioning system and fault detection and control method and control device of transmission mechanism of air conditioning system |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6134689A (en) | 1998-02-12 | 2000-10-17 | Motorola Inc. | Method of testing logic devices |
| JP2001174525A (en) * | 1999-12-21 | 2001-06-29 | Advantest Corp | Diagnostic device for electronic circuit network and diagnosing method using this diagnostic device |
| JP2002032427A (en) * | 2000-07-19 | 2002-01-31 | Nec Microsystems Ltd | Device and method for connection verification of lsi and medium with connection verifying program recorded thereon |
| JP4711801B2 (en) * | 2005-10-28 | 2011-06-29 | ルネサスエレクトロニクス株式会社 | Circuit design system and circuit design program |
| US7498848B2 (en) * | 2006-10-03 | 2009-03-03 | Freescale Semiconductor, Inc. | System and method for monitoring clock signal in an integrated circuit |
| US8752032B2 (en) * | 2007-02-23 | 2014-06-10 | Irdeto Canada Corporation | System and method of interlocking to protect software-mediated program and device behaviours |
| CN101720474A (en) * | 2007-05-23 | 2010-06-02 | Nxp股份有限公司 | Process-window aware detection and correction of lithographic printing issues at mask level |
| US9342647B2 (en) * | 2014-03-21 | 2016-05-17 | Taiwan Semiconductor Manufacturing Company, Ltd. | Integrated circuit design method and apparatus |
-
2017
- 2017-04-04 EP EP17305406.5A patent/EP3385735B1/en active Active
-
2018
- 2018-03-27 US US15/937,153 patent/US10691855B2/en active Active
- 2018-04-04 KR KR1020180039285A patent/KR102049665B1/en active IP Right Grant
- 2018-04-04 CN CN201810296263.XA patent/CN108694323B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4763289A (en) * | 1985-12-31 | 1988-08-09 | International Business Machines Corporation | Method for the modeling and fault simulation of complementary metal oxide semiconductor circuits |
| US5748497A (en) * | 1994-10-31 | 1998-05-05 | Texas Instruments Incorporated | System and method for improving fault coverage of an electric circuit |
| CN101158873A (en) * | 2007-09-26 | 2008-04-09 | 东北大学 | Non-linearity process failure diagnosis method |
| CN101201386A (en) * | 2007-12-25 | 2008-06-18 | 电子科技大学 | Method for locating parameter type fault of analogue integrated circuit |
| CN103123659A (en) * | 2011-11-17 | 2013-05-29 | 台湾积体电路制造股份有限公司 | Stacked die interconnect validation |
| CN103294048A (en) * | 2012-02-27 | 2013-09-11 | 阿尔特拉公司 | Methods and apparatuses for automatic fault detection |
| CN104101496A (en) * | 2013-04-09 | 2014-10-15 | 广东美的制冷设备有限公司 | Air conditioning system and fault detection and control method and control device of transmission mechanism of air conditioning system |
Non-Patent Citations (1)
| Title |
|---|
| 一种简易的智能数字芯片检测装置;秦玉伟;《计量技术》;20161130;论文第14-17页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| EP3385735A1 (en) | 2018-10-10 |
| KR20180112725A (en) | 2018-10-12 |
| CN108694323A (en) | 2018-10-23 |
| KR102049665B1 (en) | 2019-11-28 |
| US10691855B2 (en) | 2020-06-23 |
| US20180285483A1 (en) | 2018-10-04 |
| EP3385735B1 (en) | 2019-12-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11270002B2 (en) | Hardware trojan detection through information flow security verification | |
| CN108694323B (en) | Apparatus and method for detecting failure point | |
| Jin et al. | Cycle-accurate information assurance by proof-carrying based signal sensitivity tracing | |
| Basu et al. | CAD-Base: An attack vector into the electronics supply chain | |
| US20070050740A1 (en) | Method and System for Performing Functional Formal Verification of Logic Circuits | |
| Monnet et al. | Designing resistant circuits against malicious faults injection using asynchronous logic | |
| US20040078175A1 (en) | Method and apparatus for modeling and simulating the effects of bridge defects in integrated circuits | |
| US10558771B2 (en) | Systems and methods for security and safety fault analysis using information flow | |
| US11416662B1 (en) | Estimating diagnostic coverage in IC design based on static COI analysis of gate-level netlist and RTL fault simulation | |
| Leveugle | A new approach for early dependability evaluation based on formal property checking and controlled mutations | |
| Letychevskyi et al. | Modeling method for development of digital system algorithms based on programmable logic devices | |
| Nasahl et al. | SYNFI: pre-silicon fault analysis of an open-source secure element | |
| CN114880975A (en) | Hardware trojan generation method, system, equipment and medium | |
| Sterpone et al. | On the design of tunable fault tolerant circuits on SRAM-based FPGAs for safety critical applications | |
| Nahiyan et al. | Code coverage analysis for IP trust verification | |
| Zhong et al. | AFIA: ATPG-guided fault injection attack on secure logic locking | |
| Shabani et al. | PODEM: A low-cost property-based design modification for detecting hardware trojans in resource-constraint IoT devices | |
| Lylina et al. | Security compliance analysis of reconfigurable scan networks | |
| Hamad et al. | Efficient and accurate analysis of single event transients propagation using smt-based techniques | |
| Al-Asaad et al. | Logic design validation via simulation and automatic test pattern generation | |
| Banga et al. | Hardware IP trust | |
| Naidu et al. | Secured Test Pattern Generators for BIST | |
| Bagbaba et al. | Representing gate-level set faults by multiple seu faults at rtl | |
| JP4899927B2 (en) | Test pattern automatic generation method and test pattern automatic generation program | |
| Joseph | Logic Locking Framework and Its Application for Secure Boot in FPGAs |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |